Presentation is loading. Please wait.

Presentation is loading. Please wait.

A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and.

Published byOscar Ramsey Modified over 9 years ago

Similar presentations

Presentation on theme: "A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and."— Presentation transcript:

1 A.C. Chen 2012/07/23 @ ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and Trust Computing, data management, and Applications ( STA 2011 ) 1

2 A.C. Chen 2012/07/23 @ ADL Outline Introduction Malformed message detection framework Evaluation and experimental results Conclusion 2

3 A.C. Chen 2012/07/23 @ ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 3

4 A.C. Chen 2012/07/23 @ ADL SMS Deliver Process 4 SMS_SUBMIT SMS_DELIVER BSC: Base Station Controller MSC: Mobile Switch Center GMSC: Gateway MSC IWMSC: Interworking MSC

5 A.C. Chen 2012/07/23 @ ADL Short Message Service ( SMS ) A message sent to and from a mobile phone are first sent to an intermediate component called the Short Message Service Center (SMSC) The SMS message exists in 2 formats SMS_SUBMIT: mobile phone to SMSC SMS_DELIVER: SMSC to mobile phone 5

6 A.C. Chen 2012/07/23 @ ADL GSM Modem The SMS received on a mobile phone is handled through the GSM modem Provides an interface with the GSM network and the application processor of a smart phone Controlled through standardized AT commands Apps Telephony Stack Modem AT commands AT Result Codes Responsible for cellular communications Responsible for the communication between application processor and the modem 6

7 A.C. Chen 2012/07/23 @ ADL Example: SMS_DELIVER ///AT Result Code + the length of SMS Complete SMS string in hex. 7

8 A.C. Chen 2012/07/23 @ ADL Malformed SMS attack Cause the application processor to reach an undefined state Significant processing delays Unauthorized access Denying legitimate users access … Apps Telephony Stack Modem However, malformed message detection in mobile phones has received little attention 8

9 A.C. Chen 2012/07/23 @ ADL In this Paper… A malformed message detection framework was proposed Automatically extracts novel syntactical features to detect a malformed SMS at the access layer of mobile phones 9

10 A.C. Chen 2012/07/23 @ ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 10

11 A.C. Chen 2012/07/23 @ ADL Common Idea 11

12 A.C. Chen 2012/07/23 @ ADL SMS Detection Framework Message Analyzer Feature Extraction Feature Selection Classification 12

13 A.C. Chen 2012/07/23 @ ADL Message Analyzer Message dissection Transform incoming SMS messages into a format from which we can extract intelligent features Extracts the complete SMS message string i.e. the second line of AT Result code Feature Extraction Feature Selection Classification Message Analyzer 13

14 A.C. Chen 2012/07/23 @ ADL Extraction of String Features Mine features from an incoming SMS message Exploit the properties of a suffix tree Use a set of attribute strings to model the content of the incoming messagea set of attribute strings Entrenching function : Extracts the ( attribute, value ) pair from the suffix tree attribute: a feature string a value: the frequency of a from the nodes of the suffix tree Example 14 Feature Extraction Feature Selection Classification Message Analyzer

15 A.C. Chen 2012/07/23 @ ADL Raw Model Vectors 15 Feature Extraction Feature Selection Classification Message Analyzer

16 A.C. Chen 2012/07/23 @ ADL Feature Selection The high dimensionality of the raw model will result in large processing overheads Remove redundant features having low classification potential Not at the cost of a high false alarm rate 16 Message Analyzer Feature Extraction Classification Feature Selection

17 A.C. Chen 2012/07/23 @ ADL Selection Techniques Use 3 selection mechanisms to obtain 3 distinct model set of attributes Information Gain (IG) Gain Ratio (GR) Chi Squared (CH) 17 Message Analyzer Feature Extraction Classification Feature Selection

18 A.C. Chen 2012/07/23 @ ADL Distance/Divergence For a given vector of pairs, compute the deviation ( message score, distance ) of the vector Use 2 well-known distance measures to obtain the score Manhattan distance (md) Itakura-Saito Divergence (isd) 18 Message Analyzer Feature Extraction Feature Selection Classification

19 A.C. Chen 2012/07/23 @ ADL Classification Threshold value The largest distance score of a message in the training model Raise an alarm If the distance score of an incoming SMS is greater than the threshold value 19 Message Analyzer Feature Extraction Feature Selection Classification

20 A.C. Chen 2012/07/23 @ ADL Review Training is only required in the beginning 20 threshold message score

21 A.C. Chen 2012/07/23 @ ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 21

22 A.C. Chen 2012/07/23 @ ADL Evaluation Collect real world dataset of SMS message ≥ 5000 benign datasets Developed modem terminal interface to collect more than 5000 real world benign SMS dataset ≥ 5000 malformed datasets SMS injection framework ( Mulliner, C., et al., 2009) 22

23 A.C. Chen 2012/07/23 @ ADL Experimental Goal To select the best feature selection technique and distance measure 3 feature selection modules Information Gain (IG) Gain Ratio (GR) Chi-squared (CH) 2 distance measures Manhattan distance (md) Itakura-Saito Divergence (isd) 23

24 A.C. Chen 2012/07/23 @ ADL Parameters and Definitions 24

25 A.C. Chen 2012/07/23 @ ADL Results: Receiver Operating Characteristic Curves ROC using Manhattan Distance ROC using Itakura-Saito Divergence 25

26 A.C. Chen 2012/07/23 @ ADL Results: Overheads  Training and Threshold calculation overheads in ( ms/100 SMS )  Testing overheads in ( ms/1 SMS ) using Information Gain, Gain Ratio and Chisquared for Manhattan distance and Itakura-Saito Divergence Average training time = 3.5s/100SMS Average detection time of a malformed message = 10ms Provides the best performance 26

27 A.C. Chen 2012/07/23 @ ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 27

28 A.C. Chen 2012/07/23 @ ADL Conclusion A real time malformed message detection framework Tested on real datasets of SMS messages Successfully detects malformed messages with a detection accuracy of more than 98% The future research will focus on further optimizing and deploying it on real world mobile devices and smart phones 28

29 A.C. Chen 2012/07/23 @ ADL 29 Q & A

30 A.C. Chen 2012/07/23 @ ADL Example of a Suffix Tree Extract feature strings from an incoming message m=0110223 The set of attribute strings is thus generatedset of attribute strings 30 Feature Extraction Feature Selection Classification Message Analyzer

31 A.C. Chen 2012/07/23 @ ADL Example of Entrenching Function 31 Feature Extraction Feature Selection Classification Message Analyzer

32 A.C. Chen 2012/07/23 @ ADL The RIL in the context of Android's Telephony system architecture [ref ] [ref ] 32

33 A.C. Chen 2012/07/23 @ ADL Modules that implement telephony functionality 33

Download ppt "A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and."

Similar presentations

P3: Toward Privacy-Preserving Photo Sharing Moo-Ryong Ra, Ramesh Govindan, and Antonio Ortega Networked Systems Laboratory & Signal and Image Processing.

P3: Toward Privacy-Preserving Photo Sharing Moo-Ryong Ra, Ramesh Govindan, and Antonio Ortega Networked Systems Laboratory & Signal and Image Processing.
Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.

Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.
Location Based Service Aloizio P. Silva Researcher at Federal University Of Minas Gerais, Brazil Copyright © 2003 Aloizio Silva, All rights reserved. School.

Location Based Service Aloizio P. Silva Researcher at Federal University Of Minas Gerais, Brazil Copyright © 2003 Aloizio Silva, All rights reserved. School.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
Energy–efficient Reliable Broadcast in Underwater Acoustic Networks Paolo Casari and Albert F Harris III University of Padova, Italy University of Illinois.

Energy–efficient Reliable Broadcast in Underwater Acoustic Networks Paolo Casari and Albert F Harris III University of Padova, Italy University of Illinois.
Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures – You can see it but you can not do it Arjmand Samuel Microsoft Research Muhammad Shahzad.

Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures – You can see it but you can not do it Arjmand Samuel Microsoft Research Muhammad Shahzad.
Applications of Numbered Undirected Graphs Gary s. Bloom and Solomon w. Golomb.

Applications of Numbered Undirected Graphs Gary s. Bloom and Solomon w. Golomb.
ACE: Exploiting Correlation for Energy-Efficient and Continuous Context Sensing Suman Nath Microsoft Research MobiSys 2012 Presenter: Jeffrey.

ACE: Exploiting Correlation for Energy-Efficient and Continuous Context Sensing Suman Nath Microsoft Research MobiSys 2012 Presenter: Jeffrey.
Service Discrimination and Audit File Reduction for Effective Intrusion Detection by Fernando Godínez (ITESM) In collaboration with Dieter Hutter (DFKI)

Service Discrimination and Audit File Reduction for Effective Intrusion Detection by Fernando Godínez (ITESM) In collaboration with Dieter Hutter (DFKI)
SMS WATCHDOG: PROFILING SOCIAL BEHAVIORS OF SMS USERS FOR ANOMALY DETECTION Authors: Guanhua Yan, Stephan Eidenbenz, Emannuele Galli Presented by: Ishtiaq.

SMS WATCHDOG: PROFILING SOCIAL BEHAVIORS OF SMS USERS FOR ANOMALY DETECTION Authors: Guanhua Yan, Stephan Eidenbenz, Emannuele Galli Presented by: Ishtiaq.
A Parallel Computational Model for Heterogeneous Clusters Jose Luis Bosque, Luis Pastor, IEEE TRASACTION ON PARALLEL AND DISTRIBUTED SYSTEM, VOL. 17, NO.

A Parallel Computational Model for Heterogeneous Clusters Jose Luis Bosque, Luis Pastor, IEEE TRASACTION ON PARALLEL AND DISTRIBUTED SYSTEM, VOL. 17, NO.
A New Household Security Robot System Based on Wireless Sensor Network Reporter :Wei-Qin Du.

A New Household Security Robot System Based on Wireless Sensor Network Reporter :Wei-Qin Du.
2006/12/05ICS-20061 iPower: An Energy Conservation System for Intelligent Buildings by Wireless Sensor Networks Yu-Chee Tseng, You-Chiun Wang, and Lun-Wu.

2006/12/05ICS iPower: An Energy Conservation System for Intelligent Buildings by Wireless Sensor Networks Yu-Chee Tseng, You-Chiun Wang, and Lun-Wu.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
1 Location-Based Services Using GSM Cell Information over Symbian OS Final Year Project LYU0301 Mok Ming Fai (mfmok1) Lee Kwok Chau (leekc1)

1 Location-Based Services Using GSM Cell Information over Symbian OS Final Year Project LYU0301 Mok Ming Fai (mfmok1) Lee Kwok Chau (leekc1)
APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.
ICPCA 2008 Research of architecture for digital campus LBS in Pervasive Computing Environment 1.

ICPCA 2008 Research of architecture for digital campus LBS in Pervasive Computing Environment 1.
Oral Defense by Sunny Tang 15 Aug 2003

Oral Defense by Sunny Tang 15 Aug 2003
FTP. SMS based FTP Introduction Existing System Proposed Solution Block Diagram Hardware and Software Features Benefits Future Scope Conclusion.

FTP. SMS based FTP Introduction Existing System Proposed Solution Block Diagram Hardware and Software Features Benefits Future Scope Conclusion.

Similar presentations

Ads by Google